home

ACDaemon.exe

ArcSoft Connect

ArcSoft, Inc.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘ArcSoft Connection Service’.
Publisher:
ArcSoft Inc.  (signed by ArcSoft, Inc.)

Product:
ArcSoft Connect

Description:
ArcSoft Connect Daemon

Version:
1.1.0.49

MD5:
a0fc3b0fe5ac8d4a506774b86fcd0cc8

SHA-1:
9e3616e911d847a3ff5adb5f9ebf4b2fc832683b

SHA-256:
967559b28f4eafa8e44d3c9eb63d7ef266def808359599ce8c5a77ea0a8d17e0

Scanner detections:
2 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
4/16/2024 9:05:28 AM UTC  (today)

Scan engine
Detection
Engine version

ESET NOD32
Win32/Floxif.H virus
6.3.12010.0

F-Prot
W32/Floxif.B
4.6.5.141

File size:
279 KB (285,703 bytes)

Product version:
1.1.0.49

Copyright:
Copyright (C) ArcSoft 2007

Original file name:
ACDaemon.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\common files\arcsoft\connection service\bin\acdaemon.exe

Digital Signature
Signed by:
ArcSoft, Inc.

Authority:
VeriSign, Inc.

Valid from:
6/22/2010 5:00:00 PM

Valid to:
8/13/2013 4:59:59 PM

Subject:
CN="ArcSoft, Inc.", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="ArcSoft, Inc.", L=Fremont, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
39084E9060237309927F12E072B274ED

File PE Metadata
Compilation timestamp:
10/27/2010 4:11:40 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

Entry address:
0x1C500

Entry point:
E9, 5B, 63, FF, FF, 68, 10, 76, 42, 00, 68, 48, 13, 42, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 58, 53, 56, 57, 89, 65, E8, FF, 15, D4, 71, 42, 00, 33, D2, 8A, D4, 89, 15, AC, 0C, 43, 00, 8B, C8, 81, E1, FF, 00, 00, 00, 89, 0D, A8, 0C, 43, 00, C1, E1, 08, 03, CA, 89, 0D, A4, 0C, 43, 00, C1, E8, 10, A3, A0, 0C, 43, 00, 6A, 01, E8, 6F, 3B, 00, 00, 59, 85, C0, 75, 08, 6A, 1C, E8, C2, 00, 00, 00, 59, E8, 7C, 1B, 00, 00, 85, C0, 75, 08, 6A, 10, E8, B1, 00, 00, 00, 59, 33, F6, 89, 75...
 
[+]

Entropy:
6.8836

Packer / compiler:
tElock 0.99 - 1.0 private

Code size:
152 KB (155,648 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
ArcSoft Connection Service

Command:
C:\Program Files\common files\arcsoft\connection service\bin\acdaemon.exe


Scan ACDaemon.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.